Solved

SFTP through Cisco Pix on Non-standard port

Posted on 2008-06-24
Last Modified: 2008-07-07
I configured an SFTP (openssh) server inside my network. It runs on port 3000 (for example).
I set up an access-list on the PIX to allow traffic on port 3000 to my server, but my test laptop on another network gets "connection refused" when trying to connect on that port. I can see the hit-count increasing on that line of the access-list, so I know the traffic is matching.

I think it's a PIX setting? Will the PIX only allow SSH through on the standard port 22?

Thank you,
Question by:jwestbulldog

Author Comment

by:jwestbulldog
ID: 21857336
Some clarification:

I can connect to the SSH server from inside the network on port 3000, so that should rule out server settings or bad username/password.
I'm pretty sure it's firewall related - but the access list is set to pass traffic through on port 3000.

Thanks,

Expert Comment

by:Michael Worsham
ID: 21857428

Accepted Solution

by:jwestbulldog
ID: 21859726
Fixed it.
The PIX's xlate table had no entry for the internal server. Pinging OUT from that server created the xlate entry and the incoming SFTP connections started working.

Question has a verified solution.